package club.cearnach.security.provider.impl;

import club.cearnach.security.enumeration.RoleEnum;
import club.cearnach.security.provider.AuthorizeConfigProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * 不过滤该类配置的任何url
 *
 * @author 阮胜
 * @date 2018/5/23 14:25
 */
@Component
public class AnyRequestAuthorizeConfigProvider implements AuthorizeConfigProvider {
    @Override
    public void configure(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.antMatchers("/movie/rate", "/user/update", "/user/changePwd", "/user/detail/**", "/user/favorite/**")
                .hasRole(RoleEnum.USER.getRole());
        config.antMatchers("/"
                , "/admin/assets/**"
                , "/admin/login/**"
                , "/user/login/**"
                , "/person/**"
                , "/movie/**"
                , "/error/**"
                , "/login/**"
                , "/assets/**"
                , "/about/**"
                , "/api/**",
                "/v2/api-docs")
                .permitAll();
    }
}
